Like magicians, hackers do not reveal their tricks – but we will Originally posted on May 8, 2017

According to NIST’s National Vulnerability Database, six vulnerability categories have grown from 68% to over 84% of the total number of reported vulnerabilities in just the past four years.

What these categories have in common are the tools hackers rely upon to probe, discover, and exploit these increasingly mainstream vulnerabilities. Specifically, hackers begin with application debuggers and reverse engineering tools to pick apart and modify applications. These “programmatic hacks” have led to many of today’s most devastating application and data exploits.

In each of the programmatic CVE categories listed above, a hacker likely began their attack by using some flavor of debugger to explore and manipulate a running instance of an application to bypass security, execute unauthorized code, elevate privileges, etc.

Debugger detection: Debuggers come in a variety of flavors and packaging. An effective control will detect both managed and native debuggers.

Debugger defense: Once an unauthorized debugger has been detected, a variety of pre-packaged real-time measures as well as application and runtime-specific tactics must be readily available for the developer to choose from. These can include throwing random exceptions, exiting the program, “bricking” the application permanently, generating custom log entries, etc.

Debugger notifications: In addition to real-time defense and mitigation, it is valuable to emit an alert or notification that can initiate an operational response including isolating the device or even the local network running the compromised application.

Implementation: Real-time counter measures and runtime reporting represent a new category of application behavior that must be specified, documented, and tested. Minimizing the amount and complexity of this incremental effort will often be the determining factor as to how consistently and effectively these controls are applied.

Quality and support: The mission-critical nature of these controls mandate the highest levels of quality, transparency, and support to ensure that the controls do not create more risk than they mitigate.

Dotfuscator for .NET and DashO for Java and Android

PreEmptive Solutions Dotfuscator for .NET and DashO for Java and Android have been developed and continuously improved over the past 15 years to meet these requirements – on desktop, mobile, server, and cloud.

Subscribe To

About Me

Grew-up in Westbeth, the world's largest artist community. (www.westbeth.org) I rebelled and went into the world of commercial software where I have been for over 30 years. I am currently EVP & Chief Strategy Officer at PreEmptive Solutions. (www.preemptive.com)